Displaying 20 results from an estimated 10000 matches similar to: "New VPN Article"
2004 Sep 25
0
Re: help with a W2K VPN client 619 error and PPTPserver
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Macklem wrote:
| Tom,
|
| As I said in a previous mail, these rules file changes work. Thanks.
|
| However, I''m not sure that your firewall changes to handle the GATEWAY
column in the tunnels file does work. I downloaded the most recent
STABLE2 release from CVS and replaced my copy of the firewall script
with the updated version
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2005 Sep 20
0
Fwd: [PATCH] Another iptables-save buglet
FYI
This bug will prevent ''shorewall restore'' from working if you have "!<single
IP address>" in the ORIGINAL DEST column.
-Tom
---------- Forwarded Message ----------
Subject: [PATCH] Another iptables-save buglet
Date: Wednesday 14 September 2005 15:09
From: Tom Eastep <teastep@shorewall.net>
To: netfilter-devel@lists.netfilter.org
The conntrack
2005 Jan 19
0
New article about Actions
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''ve put together a new article describing Shorewall Actions --
http://shorewall.net/Actions.html. Hopefully this article will be
clearer than its predecessor.
- -Tom
- --
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2004 Oct 05
0
New Article
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''ve written an article that describes the cause of some of the more
frequently seen error and warning messages generated by Shorewall. You
may find the article at http://shorewall.net/ErrorMessages.html.
- -Tom
- --
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Jul 10
0
New Article in the Shorewall Documentation
Please see http://shorewall.net/PacketHandling.html. It details the flow
of a packet through a Shorwall-generated firewall.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Oct 06
1
Re: VPN/ipsec naming of interfaces
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello!
>
>
> Machine A
> WAN IP: 123.123.123.111
> LAN IP: 192.168.177.1
>
>
> Machine A wants to connect through an IPsec tunnel to 192.168.176.2
tcp 110 (pop3).
>
> kernel: Shorewall:all2all:REJECT:
> IN= OUT=ppp0 SRC=123.123.123.111 DST=192.168.176.2
> LEN=60 TOS=0x10
2004 Sep 16
0
Shorewall-2.1.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
Problems Corrected:
1) IP ranges in the routestopped and tunnels files now work.
2) Rules where an IP range appears in both the source and destination
~ now work correctly.
3) With complex proxy arp configurations involving two or
2006 Feb 07
0
WG: AW: WG: proxyarp <--> OpenSwan VPN/Internet
I´ve figured out the following.
I am able to sftp from shorewall 2.4.2 left vpn gateway x.x.x.14 (DMZ) to
shorewall 2.4.1 fw x.x.x.11 with /etc/shorewall/proxyarp
x.x.x.14 eth2 eth0 No
very well. That´s not through a tunnel (of course a ssh tunnel, but no vpn)
but with public ip x.x.x.14 to x.x.x.11
If I try to sftp through the fw to the public internet I have the same
2004 Jul 24
0
Re: [Fwd: Re: Shorewall and VPN]
Nathan Gehman wrote:
> The reason I asked is I am unable to remote desktop over the VPN. With the
> rules as you sent them.
>
> Nothing shows up in the firewall logs however, until I close the dialup
> connection.
There is a potential routing problem when you try to use the remote
desktop -- is the workstation that you are trying to connect to via
remote desktop routing
2004 Dec 13
4
Re: Can Multiple openvpn processes run on LEAF?
On Mon, 2004-12-13 at 11:03 -0800, Tom Eastep wrote:
> On Mon, 2004-12-13 at 10:45 -0800, Tom Eastep wrote:
> > On Mon, 2004-12-13 at 13:43 -0500, M Lu wrote:
> > > Tom, can he specify openvpn twice in the tunnel file, e.g.
> > >
> > > openvpn:udp:5000
> > > openvpn:udp:5001
> > >
> > > I think I had the problems with that so I use
2004 Oct 25
0
Shorewall 2.0.10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.10
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.10
Nothing Earth-shattering here and there is no reason to upgrade if you
are not seeing one of the corrected problems.
- -----------------------------------------------------------------------
Problems corrected in version 2.0.10
1) The
2005 Nov 02
0
Bug in 2.4.6
I''ve just learned that there is a bug in 2.4.6:
Entries for openvpn tunnels (including openvpnclient and
openvpnserver) that specify a port but no protocol cause startup
errors similar to the following:
iptables v1.3.3: unknown protocol `1194'' specified
Try `iptables -h'' or ''iptables --help'' for more information.
2007 Nov 28
2
[Fwd: Re: Port 3001 still have problem]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As I pointed out to Wilson in a private message, this appears to show
that no other connection requests (other than port 3000) are being sent
from the client to the server (or at least no other connection requests
are being received by the Shorewall box).
Wilson: Are you sure that the client is supposed to open port 3001 on
the server and not the
2005 Jan 03
3
Shorewall 2.0.14
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
New Features:
1. Previously, when rate-limiting was specified
in /etc/shorewall/policy (LIMIT:BURST column), any traffic which
exceeded the specified rate was silently dropped. Now, if a log
level is given in the entry (LEVEL column) then drops are logged
2003 Nov 09
4
New Shorewall Doc
I''ve created a new document that discusses creating multiple zones
accessed through a single firewall interface.
See: http://shorewall.net/shorewall_quickstart_guide.htm
Comments and corrections are welcome.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Jan 15
2
Crypto API and Shorewall
A number of you are flailing around trying to get the subject combination to
work.
You should all be aware that there are parts of this that don''t currently work
and that won''t work well until there are enhancements made to Shorewall (and
probably to Netfilter).
I. There is no clean way currently to support Road Warriors from a
Masquerading Netfilter firewall/gateway. As